我需要我的SWF能够看到它装在页面的域名。通常情况下，以这个，我只想看看window.location的结束ExternalInterface的，但在这种特殊情况下的SWF将被嵌入的allowScriptAccess =从来没有，所以这是行不通的。是否有一个实际的API，它会给我，还是我不得不求助于丑陋的黑客？

I need my swf to be able to see the domain of the page that it's loaded on. Normally to to this I would just look at window.location over ExternalInterface, but in this particular case the swf is going to be embedded with allowscriptaccess="never", so that's not going to work. Is there an actual api that will give me that or do I have to resort to ugly hacks?

推荐答案

事实证明，有没有直接的方法来做到这一点。但是，您可以执行以下操作：

It turns out that there's no direct way to do this. However, you can do the following:

在为prevent被伪造（由人直接链接到静态文件服务器，跳过重定向），你必须有你的静态文件服务器验证得到变量的值是一样的这个值服务于文件（我知道你可以在nginx的做）前的引用者头的值。

In order to prevent this value from being forged (by people linking directly to the static file server, skipping the redirect) you have to have your static file server verify that the value of the get variable is the same as the value in the referer header before serving the file (which I know you can do in nginx).